Intrusion Detection in Mobile Ad Hoc Networks

  • Sevil Şen
  • John Andrew Clark
Chapter
Part of the Computer Communications and Networks book series (CCN)

Abstract

In recent years, mobile ad hoc networks (MANETs) have become a very popular research topic. By providing communications in the absence of a fixed infrastructure, MANETs are an attractive technology for many applications such as rescue operations, tactical operations, environmental monitoring, conferences, and the like. However, this flexibility introduces new security risks. Since prevention techniques are never enough, intrusion detection systems (IDSs), which monitor system activities and detect intrusions, are generally used to complement other security mechanisms.

Intrusion detection for MANETs is a complex and difficult task mainly due to the dynamic nature of MANETs, their highly constrained nodes, and the lack of central monitoring points. Conventional IDSs are not easily applied to them. New approaches need to be developed or else existing approaches need to be adapted for MANETs. This chapter outlines the issues of intrusion detection for MANETs and reviews the main solutions proposed in the literature.

Keywords

Intrusion Detection; Mobile Agent; Intrusion Detection System; Malicious Node; Gateway Node
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Abbreviations

  • DEMEM: distributed evidence-driven message exchanging ID model
  • DoS: denial of service
  • FSM: finite state machine
  • ID: intrusion detection
  • IDMEF: intrusion detection message exchange format
  • IDS: intrusion detection system
  • IETF: Internet Engineering Task Force
  • LiPaD: lightweight packet drop detection for ad hoc networks
  • MANET: mobile ad hoc network
  • MIDMEF: MANET intrusion detection exchange format
  • PCH: percentage of changes in the sum of hops all the routes
  • PCR: percentage of changed routes
  • RREP: route reply
  • RREQ: route request

Copyright information

© Springer-Verlag London Limited 2009

Authors and Affiliations

  1. Department of Computer Science, University of York, Heslington, UK